Franck Villaume [Sun, 14 Apr 2013 18:14:32 +0000 (20:14 +0200)]
partial apply #533: improve the display
Franck Villaume [Sun, 14 Apr 2013 17:58:18 +0000 (19:58 +0200)]
apply #543: fix licence, fix rss display
Franck Villaume [Sun, 14 Apr 2013 17:14:46 +0000 (19:14 +0200)]
patch #550: add more check on disabled feature in RBAC normalize function
Franck Villaume [Sun, 7 Apr 2013 19:50:01 +0000 (21:50 +0200)]
test suite: adapt for #350 implementation
Franck Villaume [Sun, 7 Apr 2013 19:13:10 +0000 (21:13 +0200)]
test suite: adapt #350 implementation
Franck Villaume [Sun, 7 Apr 2013 18:50:13 +0000 (20:50 +0200)]
fix #350: better permission check
Franck Villaume [Sun, 7 Apr 2013 18:21:24 +0000 (20:21 +0200)]
test suite: adapt #350 implementation
Franck Villaume [Sun, 7 Apr 2013 18:07:03 +0000 (20:07 +0200)]
test suite: adapt #350 implementation
Franck Villaume [Sun, 7 Apr 2013 17:45:38 +0000 (19:45 +0200)]
test suite: adapt to #350 implementation feature
Franck Villaume [Sun, 7 Apr 2013 17:38:28 +0000 (19:38 +0200)]
implement #350: skip project approval when submitter is forge administrator
Franck Villaume [Sat, 6 Apr 2013 18:39:17 +0000 (20:39 +0200)]
fix #447: setStatus does not check the correct user for permission, add missing default value in config files
Alain Peyrat [Fri, 5 Apr 2013 16:26:52 +0000 (18:26 +0200)]
Drop hardcoded graph size & Misc in src/www/reporting
Alain Peyrat [Fri, 5 Apr 2013 16:12:54 +0000 (18:12 +0200)]
Fix logic in project registeration form when only one template project & Misc
Franck Villaume [Mon, 1 Apr 2013 19:31:44 +0000 (21:31 +0200)]
SCM plugins: display stats only to authorized people
Franck Villaume [Mon, 1 Apr 2013 13:38:01 +0000 (15:38 +0200)]
add missing link to manage available roadmaps
Thorsten Glaser [Tue, 26 Mar 2013 16:21:06 +0000 (17:21 +0100)]
never expose user-supplied string to printf; use str_replace instead
Thorsten Glaser [Tue, 26 Mar 2013 16:19:03 +0000 (17:19 +0100)]
store 100 values as JSON "null" instead of emitting PHP warnings
Thorsten Glaser [Thu, 21 Mar 2013 17:56:18 +0000 (17:56 +0000)]
add a TODO note about a MAC for the session cookie
via http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
(I will work on this someday)
Roland Mas [Tue, 19 Mar 2013 14:02:25 +0000 (15:02 +0100)]
Contentless merge from 5.2
Roland Mas [Tue, 19 Mar 2013 13:59:59 +0000 (14:59 +0100)]
Merged from 5.1
Franck Villaume [Mon, 18 Mar 2013 19:18:31 +0000 (20:18 +0100)]
Merge remote-tracking branch 'origin/Branch_5_2'
Franck Villaume [Mon, 18 Mar 2013 19:17:37 +0000 (20:17 +0100)]
widget: fix survey widget when project does not use survey
Franck Villaume [Sun, 17 Mar 2013 17:05:45 +0000 (18:05 +0100)]
scmhook: fix php warning
Franck Villaume [Sun, 17 Mar 2013 16:39:25 +0000 (17:39 +0100)]
Merge remote-tracking branch 'origin/Branch_5_2'
Franck Villaume [Sun, 17 Mar 2013 16:36:33 +0000 (17:36 +0100)]
RBAC: fix tracker & task check
Franck Villaume [Sun, 17 Mar 2013 15:42:38 +0000 (16:42 +0100)]
Merge remote-tracking branch 'origin/Branch_5_2'
Franck Villaume [Sun, 17 Mar 2013 15:37:41 +0000 (16:37 +0100)]
scmsvn: fix svn repo create
Roland Mas [Tue, 12 Mar 2013 12:44:32 +0000 (13:44 +0100)]
Fixed project creation
Roland Mas [Tue, 12 Mar 2013 12:38:38 +0000 (13:38 +0100)]
Another fix for project creation
Roland Mas [Tue, 12 Mar 2013 10:38:45 +0000 (11:38 +0100)]
Fixed project creation
Franck Villaume [Sun, 10 Mar 2013 13:01:01 +0000 (14:01 +0100)]
merge Branch_5_2
Franck Villaume [Sun, 10 Mar 2013 12:59:28 +0000 (13:59 +0100)]
tracker: fix redirect when click on admin link
db: fix warning
Franck Villaume [Sat, 9 Mar 2013 18:16:54 +0000 (19:16 +0100)]
Merge remote-tracking branch 'origin/Branch_5_2'
Franck Villaume [Sat, 9 Mar 2013 18:15:51 +0000 (19:15 +0100)]
fix #497: Number of pending projects miscounted/misleading on site admin tab
Franck Villaume [Sat, 9 Mar 2013 17:55:13 +0000 (18:55 +0100)]
port from Branch_5_2: fix #527: unable to delete project when use_forum = no in config.ini
Franck Villaume [Sat, 9 Mar 2013 17:48:54 +0000 (18:48 +0100)]
fix #527: unable to delete project when use_forum = no in config.ini
Franck Villaume [Sat, 9 Mar 2013 16:35:17 +0000 (17:35 +0100)]
Merge remote-tracking branch 'origin/Branch_5_2'
Franck Villaume [Sat, 9 Mar 2013 16:33:56 +0000 (17:33 +0100)]
fix #528: complains about forums when creating mailing-list even if forum tool is deactivated
Franck Villaume [Sat, 9 Mar 2013 14:22:30 +0000 (15:22 +0100)]
prepare merge git dav enhancement
Franck Villaume [Sun, 24 Feb 2013 11:53:26 +0000 (12:53 +0100)]
scmgit: add httpd_reload_cmd to handle specific debian httpd name
Franck Villaume [Sat, 23 Feb 2013 13:09:32 +0000 (14:09 +0100)]
scmgit: add support for basic dav access
Franck Villaume [Wed, 6 Mar 2013 19:48:48 +0000 (20:48 +0100)]
merge Branch_5_2
Franck Villaume [Wed, 6 Mar 2013 19:45:56 +0000 (20:45 +0100)]
docman: fix missing )
Franck Villaume [Wed, 6 Mar 2013 19:45:21 +0000 (20:45 +0100)]
fix scm session rights check and redirect
Franck Villaume [Wed, 6 Mar 2013 19:22:10 +0000 (20:22 +0100)]
docman: fix missing )
tiben [Tue, 5 Mar 2013 21:51:51 +0000 (22:51 +0100)]
Merge branch 'scmhook-git'
tiben [Tue, 5 Mar 2013 21:50:02 +0000 (22:50 +0100)]
Merge remote branch 'upstream/master'
tiben [Tue, 5 Mar 2013 18:20:37 +0000 (19:20 +0100)]
add fusionforge licence
Franck Villaume [Sun, 3 Mar 2013 16:35:12 +0000 (17:35 +0100)]
port from Branch_5_2: fix #546: Protect apostrophe in a directory name in docman, patch from French Ministry of National Education
Franck Villaume [Sun, 3 Mar 2013 16:31:14 +0000 (17:31 +0100)]
fix copyrights
Franck Villaume [Sun, 3 Mar 2013 16:27:20 +0000 (17:27 +0100)]
fix #546: Protect apostrophe in a directory name in docman, patch from French Ministry of National Education
tiben [Thu, 28 Feb 2013 01:22:01 +0000 (02:22 +0100)]
initialize scmhook for git
Roland Mas [Wed, 27 Feb 2013 08:53:08 +0000 (09:53 +0100)]
Merged from 5.2
Roland Mas [Wed, 27 Feb 2013 08:52:14 +0000 (09:52 +0100)]
Marked the merge
Roland Mas [Wed, 27 Feb 2013 08:52:01 +0000 (09:52 +0100)]
Merged from 5.1
Roland Mas [Wed, 27 Feb 2013 08:49:33 +0000 (09:49 +0100)]
Marked the merge
Roland Mas [Wed, 27 Feb 2013 08:44:54 +0000 (09:44 +0100)]
Merged from 5.1
Thorsten Glaser [Wed, 27 Feb 2013 08:33:16 +0000 (09:33 +0100)]
use util_randbytes() to get six random bytes
it’s computationally, and on the kernel pool, much cheaper than
openssl_random_pseudo_bytes() which initialises the OpenSSL pool,
which eats more bytes from the kernel pool
Thorsten Glaser [Wed, 27 Feb 2013 08:26:55 +0000 (09:26 +0100)]
use posix_initgroups() to get the user’s group vector
calling 'su' inside createUserRepo() isn’t going to work because
that function is already run with reduced privilegues; instead,
if the old user is root use posix_initgroups() to switch the
group vector to the new user’s and restore root’s later (if the
old user is not root, we have no way to do that anyway as, in
my tests, posix_initgroups() only works if the current EUID is
0); posix_getgroups() can be used to save the old group list,
but there is no posix_setgroups(), so we need to use this way
Roland Mas [Tue, 26 Feb 2013 16:36:00 +0000 (17:36 +0100)]
Fixed logic
Roland Mas [Tue, 26 Feb 2013 16:35:35 +0000 (17:35 +0100)]
Fixed logic
Roland Mas [Tue, 26 Feb 2013 16:34:53 +0000 (17:34 +0100)]
Fixed logic
Roland Mas [Tue, 26 Feb 2013 15:52:50 +0000 (16:52 +0100)]
Obtain user's extra groups so as to be able to chgrp
Roland Mas [Tue, 26 Feb 2013 15:48:26 +0000 (16:48 +0100)]
Merged from 5.2
Roland Mas [Tue, 26 Feb 2013 15:48:01 +0000 (16:48 +0100)]
Obtain user's extra groups so as to be able to chgrp
Roland Mas [Tue, 26 Feb 2013 14:25:20 +0000 (15:25 +0100)]
Merged from 5.2: fix for vulnerability CVE-2013-1423
Roland Mas [Tue, 26 Feb 2013 10:55:47 +0000 (11:55 +0100)]
Better integration of nscd in the testsuite
Roland Mas [Tue, 26 Feb 2013 10:00:44 +0000 (11:00 +0100)]
Fixes to chown/chgrp invocations
Thorsten Glaser [Mon, 25 Feb 2013 10:05:14 +0000 (11:05 +0100)]
missing return value in non-void function
Thorsten Glaser [Mon, 25 Feb 2013 09:56:00 +0000 (10:56 +0100)]
I think is_file("$main_repo/HEAD") gives a warning if !is_dir($main_repo)
Thorsten Glaser [Mon, 25 Feb 2013 09:54:54 +0000 (10:54 +0100)]
Merge branch 'Branch_5_1' of git+ssh://scm.fusionforge.org//var/lib/gforge/chroot/scmrepos/git/fusionforge/fusionforge into Branch_5_1
Thorsten Glaser [Mon, 25 Feb 2013 09:53:21 +0000 (10:53 +0100)]
handle case where $main_repo already exists but is no git repo
(there’s still two things: mktemp -d might fail, in which case
we regress to the previous behaviour, and after the check the
$main_repo can come to exist before the mv, with the same outcome,
but since we do check the return value of the mv…)
Roland Mas [Mon, 25 Feb 2013 09:45:41 +0000 (10:45 +0100)]
Fixed syntax of permissions for chmod
Roland Mas [Mon, 25 Feb 2013 09:44:53 +0000 (10:44 +0100)]
Fixed syntax of permissions for chmod
Franck Villaume [Sun, 24 Feb 2013 15:53:23 +0000 (16:53 +0100)]
scmgit: better display in activity, add support for By
Franck Villaume [Sun, 24 Feb 2013 13:06:25 +0000 (14:06 +0100)]
scmsvn: fix display activity by default
Franck Villaume [Sun, 24 Feb 2013 12:55:43 +0000 (13:55 +0100)]
Merge branch 'master_git-dav-enhancement' of git+ssh://fusionforge.org/scmrepos/git/fusionforge/users/nerville into master_git-dav-enhancement
Franck Villaume [Sun, 24 Feb 2013 11:53:26 +0000 (12:53 +0100)]
scmgit: add httpd_reload_cmd to handle specific debian httpd name
Franck Villaume [Sat, 23 Feb 2013 13:09:32 +0000 (14:09 +0100)]
scmgit: add support for basic dav access
Franck Villaume [Sun, 24 Feb 2013 12:50:30 +0000 (13:50 +0100)]
scmgit: fix display activity by default
Franck Villaume [Sun, 24 Feb 2013 11:53:26 +0000 (12:53 +0100)]
scmgit: add httpd_reload_cmd to handle specific debian httpd name
Roland Mas [Sun, 24 Feb 2013 09:35:46 +0000 (10:35 +0100)]
SECURITY: Avoid attacks with symbolic or hard links that could lead to
privilege escalation (CVE-2013-1423). Thanks to Helmut Grohne for the
initial report and help in preparing the fix.
Roland Mas [Sun, 24 Feb 2013 09:35:33 +0000 (10:35 +0100)]
SECURITY: Avoid attacks with symbolic or hard links that could lead to
privilege escalation (CVE-2013-1423). Thanks to Helmut Grohne for the
initial report and help in preparing the fix.
Franck Villaume [Sat, 23 Feb 2013 13:09:32 +0000 (14:09 +0100)]
scmgit: add support for basic dav access
Franck Villaume [Fri, 22 Feb 2013 10:52:19 +0000 (11:52 +0100)]
Merge remote-tracking branch 'origin/Branch_5_2'
Franck Villaume [Fri, 22 Feb 2013 10:34:04 +0000 (11:34 +0100)]
projects-hierarchy: fix display child project name & do not permit multiple fathers
Franck Villaume [Wed, 20 Feb 2013 15:40:18 +0000 (16:40 +0100)]
revert last commit: code is in fact used
Franck Villaume [Wed, 20 Feb 2013 09:11:51 +0000 (10:11 +0100)]
port from Branch_5_2: widgets: fix availability based on patch from French Ministry of education
Franck Villaume [Tue, 19 Feb 2013 18:41:19 +0000 (19:41 +0100)]
Branch_5_2: widgets: fix availability based on patch from French Ministry of education
Franck Villaume [Tue, 19 Feb 2013 17:49:20 +0000 (18:49 +0100)]
docman: clean, remove unused code & better check
Roland Mas [Fri, 15 Feb 2013 08:52:45 +0000 (09:52 +0100)]
Refreshed gettext files to update line numbers in es.po
Roland Mas [Fri, 15 Feb 2013 08:52:00 +0000 (09:52 +0100)]
Merged from 5.2: updated Spanish translation file
Roland Mas [Fri, 15 Feb 2013 08:49:13 +0000 (09:49 +0100)]
Refreshed gettext files to update line numbers in es.po
Roland Mas [Fri, 15 Feb 2013 08:47:16 +0000 (09:47 +0100)]
Spanish translation update by Jose Angel Diaz Diaz <joseangel.diaz@cenatic.es>
Thorsten Glaser [Thu, 14 Feb 2013 09:45:44 +0000 (10:45 +0100)]
run ./tools/update-gettext-files.sh to refresh the .po files
Thorsten Glaser [Thu, 14 Feb 2013 09:44:55 +0000 (10:44 +0100)]
Merge branch 'Branch_5_2'
Conflicts:
src/common/widget/Widget_ProjectLatestNews.class.php
Ignored (refresh only):
src/translations/bg.po
src/translations/ca.po
src/translations/de.po
src/translations/el.po
src/translations/en.po
src/translations/eo.po
src/translations/es.po
src/translations/eu.po
src/translations/fr.po
src/translations/fusionforge.pot
src/translations/gl.po
src/translations/he.po
src/translations/id.po
src/translations/it.po
src/translations/ja.po
src/translations/ko.po
src/translations/la.po
src/translations/nb.po
src/translations/nl.po
src/translations/pl.po
src/translations/pt.po
src/translations/pt_BR.po
src/translations/ru.po
src/translations/sv.po
src/translations/th.po
src/translations/zh_CN.po
src/translations/zh_TW.po
Thorsten Glaser [Thu, 14 Feb 2013 09:32:08 +0000 (10:32 +0100)]
Merge branch 'Branch_5_1' into Branch_5_2
Conflicts:
src/www/tracker/tracker.php
Roland Mas [Wed, 13 Feb 2013 17:58:10 +0000 (17:58 +0000)]
Fix problem where updating an artifact would disable monitoring of this artifact for some users
Roland Mas [Tue, 12 Feb 2013 16:30:56 +0000 (17:30 +0100)]
Clean up files after the build
Roland Mas [Tue, 12 Feb 2013 15:24:02 +0000 (16:24 +0100)]
Refreshed gettext files